According to the Java 2 Platform Security Architecture, a Principal (java.security.Principal) is an entity (not in the EJB sense) in a computer system to which permissions are granted.
According to JAAS, a Subject (javax.security.auth.Subject) may potentially have multiple identities each of which might be represented as a Principal.
To sum up, a subject may have many principals that represent it.
Moreover, I'm moving this thread to the Security forum as this topic is not really part of the SCBCD exam.

[ April 01, 2004: Message edited by: Valentin Crettaz ]
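
The Subject-to-Principal relationship described in the post above, as an added example that is not part of the original post: one Subject carries several Principals, and an access check looks up one principal type rather than the Subject as a whole. `RolePrincipal`, the class name, and all names and role values are hypothetical and constructed for illustration; the record syntax assumes Java 16 or later.

```java
import java.security.Principal;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.x500.X500Principal;

public class SubjectPrincipalsDemo {

    // Hypothetical application-defined principal (an assumption, not a JDK class).
    record RolePrincipal(String role) implements Principal {
        @Override
        public String getName() { return role; }
    }

    // Builds one Subject carrying three identities (all values are constructed samples).
    static Subject buildSubject() {
        Subject subject = new Subject();
        subject.getPrincipals().add(new X500Principal("CN=Alice Example, O=Example Corp"));
        subject.getPrincipals().add(new RolePrincipal("auditor"));
        subject.getPrincipals().add(new RolePrincipal("developer"));
        // Freeze the principal and credential sets so later code cannot add identities.
        subject.setReadOnly();
        return subject;
    }

    // A check selects the principals of one type and tests membership among them.
    static boolean hasRole(Subject subject, String role) {
        Set<RolePrincipal> roles = subject.getPrincipals(RolePrincipal.class);
        return roles.contains(new RolePrincipal(role));
    }

    public static void main(String[] args) {
        Subject subject = buildSubject();
        for (Principal p : subject.getPrincipals()) {
            System.out.println(p.getClass().getSimpleName() + " -> " + p.getName());
        }
        System.out.println("auditor? " + hasRole(subject, "auditor"));
        System.out.println("admin?   " + hasRole(subject, "admin"));
        try {
            // A read-only Subject refuses changes to its principal set.
            subject.getPrincipals().add(new RolePrincipal("admin"));
        } catch (IllegalStateException e) {
            System.out.println("read-only Subject rejected the new principal");
        }
    }
}
```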